transaction: reject calls from unidentified subscribers
A valid subscriber is indespensible when allocating a new
transaction. Return NULL if no subscriber is supplied. This
will cause unidentified subscribers to be rejected.
Note: Under normal conditions, the problem does not occour,
but it is still possible that a misbehaving MS might trigger
the problem by sending a SETUP command before authenticating
the subscriber. (unencrypted networks)
Change-Id: Ia8739b6e329ab02c0064270d02ad1d6ee245520d
diff --git a/src/libmsc/transaction.c b/src/libmsc/transaction.c
index 7289a8f..28e0914 100644
--- a/src/libmsc/transaction.c
+++ b/src/libmsc/transaction.c
@@ -88,6 +88,13 @@
DEBUGP(DCC, "subscr=%p, net=%p\n", vsub, net);
+ /* a valid subscriber is indispensable */
+ if (vsub == NULL) {
+ LOGP(DCC, LOGL_NOTICE,
+ "unable to alloc transaction, invalid subscriber (NULL)\n");
+ return NULL;
+ }
+
trans = talloc_zero(tall_trans_ctx, struct gsm_trans);
if (!trans)
return NULL;